开发者社区> 问答> 正文

使用demo下载自己配置的服务器上的文件,提示SignatureDoesNotMatch

求助啊我现在是要测试从我们的地址中下载一个文件,我们的实际文件存放路径是  bucket.endpoint/访问用户的id/jay.jpg


OSSCredentialProvider credetialProvider = new OSSFederationCredentialProvider() {
            @Override
            public OSSFederationToken getFederationToken() {

                try {
                    String ak = accessKeyId;
                    String sk = accessKeySecret;
                    String token = accessToken;
                    String expiration =
time[size=; font-size: 14pt,14pt] ;
                    return new OSSFederationToken(ak , sk , token , expiration) ;
                 } catch (Exception e) {
                    e.printStackTrace()
;
                 }
                
return null;
             }
        }
;



download.setOnClickListener( new View.OnClickListener() {
     @Override
     public void onClick(View v) {
         new Thread( new Runnable() {
             @Override
             public void run() {
                 new GetObjectSamples( oss , testBucket , downloadObject).asyncGetObjectSample() ;
            }
        }).start() ;
    }
}) ;
这里的downloadObject = "/访问用户的id/jay.jpg"
就报这个错误
E/ErrorCode: SignatureDoesNotMatch
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RequestId: 5667DD180C0F571621A1B688
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/HostId: healthd-pic-store.oss-cn-beijing.aliyuncs.com
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage: <?xml version="1.0" encoding="UTF-8"?>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage: <Error>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage:   <Code>SignatureDoesNotMatch</Code>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage:   <Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage:   <RequestId>5667DD180C0F571621A1B688</RequestId>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage:   <HostId>healthd-pic-store.oss-cn-beijing.aliyuncs.com</HostId>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage:   <OSSAccessKeyId>已省略</OSSAccessKeyId>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage:   <SignatureProvided>y/bYh+AYpo7pa12VsBunJk/Mh7s=</SignatureProvided>
12-09 15:49:47.012 8150-9000/com.alibaba.sdk.android.oss.app E/RawMessage:   <StringToSign>GET

将downloadObject修改成“97/jay.jpg”时,就返回

com.alibaba.sdk.android.oss.app E/ErrorCode: AccessDenied
12-09 16:40:14.235 17338-17505/com.alibaba.sdk.android.oss.app E/RequestId: 5667E8EFA9929D396CD40026
12-09 16:40:14.235 17338-17505/com.alibaba.sdk.android.oss.app E/HostId: healthd-pic-store.oss-cn-beijing.aliyuncs.com
12-09 16:40:14.236 17338-17505/com.alibaba.sdk.android.oss.app E/RawMessage: <?xml version="1.0" encoding="UTF-8"?>
12-09 16:40:14.236 17338-17505/com.alibaba.sdk.android.oss.app E/RawMessage: <Error>
12-09 16:40:14.236 17338-17505/com.alibaba.sdk.android.oss.app E/RawMessage:   <Code>AccessDenied</Code>
12-09 16:40:14.236 17338-17505/com.alibaba.sdk.android.oss.app E/RawMessage:   <Message>Access denied by authorizer's policy.</Message>
12-09 16:40:14.236 17338-17505/com.alibaba.sdk.android.oss.app E/RawMessage:   <RequestId>5667E8EFA9929D396CD40026</RequestId>
12-09 16:40:14.236 17338-17505/com.alibaba.sdk.android.oss.app E/RawMessage:   <HostId>healthd-pic-store.oss-cn-beijing.aliyuncs.com</HostId>
12-09 16:40:14.236 17338-17505/com.alibaba.sdk.android.oss.app E/RawMessage: </Error>


这到底是什么原因啊

展开
收起
让爱失落 2015-12-09 16:31:27 10219 0
1 条回答
写回答
取消 提交回答
  • 在下载前打开log:

    OSSLog.enableLog();

    然后保存下Log中生成签名的串,和最后请求返回的RequestId一起贴一下。

    -------------------------

    重新获取一对sts的token还会遇到这个问题吗?看下是偶现还是必现。

    如果直接使用自己主账号的ak/sk测试有遇到问题么?

    -------------------------

    可以提工单,提供一对可用的sts token给客服同学,帮忙检验一下。

    -------------------------

    第一个问题:objectKey为‘/访问用户的id/jay.jpg',OSS规定objectKey不能以'/'开头,这个SDK里应该没处理好,没给相应提示。

    -------------------------

    第二个问题:改为正确的Objectkey以后,错误信息是,拿到的sts token的权限不正确。这个要检查一下,获取sts token的子账户、角色、policy配置是否正确。

    要确保获取sts token时,使用的ak/sk是子账户的,同时:

    子账户拥有RAM权限、OSS权限;
    角色拥有OSS权限;
    Policy中包含你对应操作的权限。

    参考:https://help.aliyun.com/document_detail/oss/practice/ram_guide.html

    2015-12-09 16:46:25
    赞同 展开评论 打赏
问答排行榜
最热
最新

相关电子书

更多
如何运维千台以上游戏云服务器 立即下载
网站/服务器取证 实践与挑战 立即下载
ECS块储存产品全面解析 立即下载